The Science of Blockchain is the blog dedicated to different theoretical and practical aspects of Blockchain technology

Last weekend Team Blockwise in cooperation with Eugene Pavlenko took the third place at London Blockchain Hackathon, organized by Larson Digital and Future World Financial Holdings. We have
decided to publish the award-winning white paper.

Blokwise Global ID

Abstract

Any person’s identity data today is scattered across many different organisations and data silos. Regulators require businesses to perform extensive KYC checks thus complicating the life of
people. Moreover, 39% of the world’s population doesn’t have a bank account because they can’t prove their identity.

Any person can be reliably identified by a combination of his unique characteristics (e.g. biometry) and unique knowledge (e.g. passwords).

The difficulty with the knowledge is that no one can be sure who else knows the same things.

The Blockwise Global ID system is designed to address the following requirements:

- The person owns their identity (self-sovereign identity)

- The person is able to share any part of the data with any entity which requires the identity check in an easy and secured way (secured selective disclosure)

- The person can revoke the access to their data

- The person is guaranteed that no part of their identity, including biometric data, is used for any identification purposes without their consent

- The system can be used as a platform for storing and sharing any personal data, such as health records, educational records, credit scores, etc.

Biometrics

With all challenges of the biometric identification, biometry is the only way to reliably identify the person today. The biometric data cannot be stored in a blockchain smart contract because all
the data in contracts is public. Encryption is not a solution either as the biometric data has to be decrypted before use, which means it can be compromised at the moment of decryption. Biometric
data is fuzzy, the samples are always slightly different and therefore is it not possible to use traditional hash functions as the results will be dispersed and not comparable.

Blockwise proposed to use so-called Fuzzy Hash functions which, for similar arguments, produce hashes of the same degree of similarity in terms of Hamming weight.

3) The resulting hash is compared to the hash generated from the other sample

There are alternatives schemes available. Our research shows that the technology is mature enough to achieve reasonable accuracy.

Multi-factor Identity Check

We propose to create a ‘Hash Silo’ in the form of smart contract in Ethereum. This smart contract will store the hashes of the factual data (names, addresses, etc) and fuzzy hashes of the
biometric data (photos, fingerprints, etc). As all the data is hashed we are able to maintain anonymity and prevent any possible data misuse as all the hashes, including fuzzy hashes are
irreversible and therefore, it is not possible to recover the original data from the hashes. The hashes array is linked to the address of the smart contract containing the real ID data which is
encrypted to ID owner’s public key (Global ID contract).

Every time someone wants to check the identity by using any data, including biometric, the Hash Silo contract will inform the ID owner’s contract. Before the identity check is confirmed to the
requestor, Global ID contract will require the owner to digitally sign the consent.

The identity is therefore checked against the biometric data, the knowledge (password) and the ownership of the blockchain private key at the same time.

Governance

Governance is very important part of any globally distributed system. The blockchain is a perfect rule enforcement machine, but it has to be transparent who creates the rules to be enforced via
blockchain.

Identity data normally cannot be changed by the owner, for example, to change the name the person has to apply to the relevant authority. Some of the data, such as address, must be confirmed by a
reputable organisation, such as bank or utility provider. If the biometric data is collected, someone has to confirm that this particular biometric sample belongs to the particular person.

Personal data creation has to be regulated as well. For example, the health record can only be updated by the qualified healthcare provider. On the other hand, the person should have full
ownership over their personal data, including the ability to change healthcare provider or share the health records with another one or with an insurance company.

Our Governance smart contract defines the list of the organisations which have the rights to create or change identity data. Every organisation is entitled to update only the data it creates
throughout the life of a person. For example, DVLA can update the driving license data, while the City Hall can update the name or the date of birth, police can collect the fingerprints, etc. Any
operation they perform is authorised through multi-factor identity check on the blockchain.

The organisations entitled to create or change the identity data form so-called ‘Governance Circle’.

Same principles work for the personal data. For example, health records can only be updated by a healthcare provider, educational records by an education provider etc.

There should be a Steering Committee which decides what organizations are to be added to the Governance Circle, define the types of organizations able to work with the personal data and certify
that the particular entity belongs to the particular type.

ID scoring

Through the course of life, any person communicates with the organizations from the Governance Circle. Every time the interaction happens, the identity data is being added to the Global ID. For
example, the name and date of birth can be added by the City Hall at birth, the photo can be updated by a passport issuing authority from time to time, the biometric data can be collected by the
police, etc.

Every such operation has associated score recorded in the Governance smart contract. The total score of an ID is the sum of the scores of all the data collection operations performed.

The scoring provides a convenient mechanism for the enterprises accepting Global IDs. For example, a bank can set up a threshold of ID score, so that the IDs having lower score are not accepted
while people having Global IDs of higher score can be served by the organization.

Another example: The Steering Committee may allow self-identification when the person adds the name and the selfie as their only identity data. Such a Global ID will have lower score which will
not be enough for some institutions. However, this type of IDs can be accepted by a financial inclusion start-up, like Humaniq, which can limit the transaction volume.

Selective Disclosure

Blockwise Global ID has several ways of secure sharing the identity and personal data and protecting the ownership of it.

Selective ID disclosure. Any part of the ID data can be sent over blockchain to any recipient via the message encrypted to the recipient public key. The recipient is able to confirm the
correctness of the received data by running multi-factor identity check through the Hash Silo.

Know your Customer. Some organizations are required to have a copy of the identity data for the purposes of KYC compliance. For this purpose we suggest creating the copy of the Global ID smart
contract where all the data is encrypted to the recipient public key. The data can be repossessed by deleting the copy.

Personal data disclosure. We use additional off-blockchain layer of symmetric cryptography to protect the personal data. Any part of the data can be encrypted with the key which is stored in the
wallet on the client side. Whenever the owner wants to grant the access to someone, they send the message via blockchain containing the symmetric key encrypted to the recipient public key. The
access is revoked by re-encrypting the data to the different symmetric key.

As an additional security measure, we have created the Smart Access List contract which stores the permissions granted to any party. Every individual ID or personal data contract, when called by
any party, sub-calls the Smart Access List before returning any data to the caller. Smart Access List returns the confirmation of the caller’s rights. This mechanism helps to quickly revoke the
access to the data without re-encrypting it.

Key Reconnection

As mentioned above, the only reliable way to identify the person is the biometry. Therefore, only those Global IDs having the biometric data attached can be reconnected in case of loss or theft
of the cryptographic keys.

The reconnection procedure works as follows: the person gets the new blockchain key pair and visits a Governance Circle organization. The organization re-collects the biometry sample and creates
new Global ID. After that the person sends the message to the special Mayday contract which matches the new ID with the old one by searching the Hash Silo and reconnects the personal data smart
contracts to the new Global ID.

The Mayday contract can also trigger the re-issuance of ERC-20 tokens or re-sending the native pre-mined tokens to the new address.

Use Cases

Human interactions and transactions are moving online and rapidly growing. Social media, shopping, personal finance, wealth management, insurance are just few examples.

More and more customers adopt digital payments through all type of channels, such as phones, contactless cards and even watches. We believe that the trend will continue and the penetration rate
of new payment media will increase.

Customers want to get value for their money and expect personalised experience and highly tailored solutions. This personalisation based on the personal data and behavioural preferences means one
needs to share this data.

It is hard to decide whom to trust and whom to provide your data with when you are not sure how the data will be used. If the data is protected and it is you who ultimately owns it, you feel more
confident sharing it.

The Global ID platform is based on private Ethereum blockchain with POA (proof of authority) consensus algorithm. Ethereum is a mature code base which is ready to be used in production
environments. The main advantage of POA is its high transaction throughput and stability. Currently, there are Ethereum SDK libraries available for most of the programming languages, including
Java, Golang, Python, C++, Rust, Javascript.

Ethereum allows integration of various private solutions between each other. This means the easiness of platform customization and adaptation for any business and regulatory needs.

The solution uses open source libraries and SDKs. The core of the system is based on Solidity smart contracts. Genesis block should be configured with pre-mined native Token (~10^12 ETH) or
ERC-20 specification contract Token.

Being a Blockchain practitioner, I am a great advocate of this technology. However, it is pretty complicated, and therefore, to achieve greater adoption,
we need to find the simplest possible way of explaining it to the public. There are many evangelists doing this job and I do appreciate their efforts. It is totally normal, however, that
sometimes they overpromise. After all, most prominent sales people do.

The purpose of this post is to note the typical overpromises of Blockchain. It is worth studying, especially if you deal with an enterprise customer that
will eventually ask you to put your promises into a legally binding contract.

By the myths of Blockchain, I understand the promises which cannot be delivered either with the current software realizations or ever. I will also talk
about existing features of Blockchain which make it legendary. I will start with the myths and finish with the legends for the purpose of making this article optimistic as the blockchain
technology well deserves it.

Myth 1. Decentralization

Blockchain is lot more decentralized than most other systems we know, however, the devil is in the details. The software runs in totally decentralized
manner, but there are two very important questions: who writes the code and who runs the nodes. To illustrate the importance of the first one: there are just fifty developers of bitcoin with more
than ten commits. It is a pretty small community which can totally affect how the bitcoin evolves as a system. The bitcoin blockchain is a perfectly decentralized rule enforcement machine, but
the rules are created by a few people.

The situation is even worse when it comes to the second question: the mining of bitcoin is dominated by a one-digit number of ASIC vendors, which can
easily sit around one table. In fact, they do so from time to time.

As we see from the past events with public blockchains, such as Ethereum and Bitcoin, if the network is under attack or at a capacity threshold, the rules
can be changed quite quickly by a very small number of people. All the users do not have a choice but to trust those people. Which brings us to the next myth of Blockchain.

Myth 2. Trustlessness

Blockchain is a trustless system. Indeed, if you send the money over blockchain, you don’t have to trust the second party. More importantly, your transfer
is not processed by trusted central authority. However, there should be many trusted ecosystem participants in order for the blockchain to function. Here are some examples:

The developers.We have to trust that the core contributors will not change the rules of the game on the fly.

The oracles. The external applications feeding the data into the smart contracts have to be trusted. For
example, if the smart contract pays out an insurance for the delayed flight, the information on the delay has to be kosher.

The cyber-physical gateways. Whenever the physical asset is being digitized and tracked on a blockchain,
there has to be a trusted way to confirm that the particular physical item corresponds to the particular digital token in the blockchain. The good example is the Bitnation integrated with
Estonian e-residence. In this case, Estonian government is a trusted cyber-physical gateway because before issuing an e-residency they perform a KYC and therefore can confirm that the digital
identity corresponds to the physical person.

The custodians. When the digital tokens are issued against the real money, shares, bonds or other similar
assets, there should be an organization which holds the asset and issues the tokens and vice versa, delivers the asset against the tokens balance. The example of such an entity is the bitcoin
exchange which holds the deposits both in bitcoin and fiat currency. It comes without saying, that this entity has to be trusted.

As you can see, the blockchain is not totally trustless. Moreover, if any one of the entities mentioned above cannot be trusted, the whole system looses
its attractiveness.

Myth 3. The Internet of Value

Blockchain is often referred to as the Internet of Value. It is not exactly accurate. The thing is that blockchain transfers digital tokens, not value.
There is no intrinsic value in digital tokens unless all the participants are in an agreement on that. It can be quite difficult to reach such an agreement, especially if the number of
participants is large. This problem is not in the technology itself but rather in adoption and presence of the legal and regulatory frameworks. The situation will change when either an existing
fiat currency will be re-digitized as the crypto currency or when an existing crypto currency will get the legal tender status. I guess it is a very long way to go.

Myth 4. The interoperability of blockchains

The interoperability of blockchains, which is the ability to receive a blockchain transaction from another blockchain, for example, to send bitcoins from
an Ethereum smart contract, is currently not possible. It is because all current blockchain realizations are based on the asymmetric cryptography scheme. To sign the transaction, one has to be in
possession of the private key. The wallet software signs the transaction with some interaction with the user, who enters the password which protects the private key. After that, the transaction
is being sent to the blockchain network. Interoperability assumes no human interaction which means that the private key for the blockchain receiving the transaction has to be stored in the
blockchain sending the transaction. If this is the case, the private key loses its privacy and the owner of the account loses the control over it.

Now let us talk about the bright side of the things: the "killer features" which make Blockchain legendary.

Killer feature 1. Automation, distributed by nature

Old school IT people remember how difficult and expensive were to build the distributed databases. Algorithms like Paxos were used in some file systems,
but aside from those, there was no progress in using consensus algorithms for distributed applications before blockchain. Now, your smart contract, which is essentially the virtual machine
containing the application and an embedded database, can be replicated easy and cheap as many times as necessary. Intrinsic consensus scheme guarantees that the data is in the same state across
all the nodes and that the application logic is executed as programmed. This is the foundation for building the systems which are orders of magnitude more reliable than before.

Killer feature 2. Resolving conflict of interest

Imagine the following scenario: the business process involves several parties. Let's take an example of motor accident which will include a customer, an
insurance broker, an insurance company, a reinsurance company, a service provider which fixes the damage, and a regulator. Some of the parties have an inherent conflict of interest and therefore
are motivated to obtain full control over the transactions and prevent transparency. Blockchain in this scenario creates an opportunity unseen before: every party can have the exact replica of
the entire application with all the business logic enforced automatically, where all the transactions are transparent and any interference from a conflicted party disabled by design.

The blockchain-based information system for the business process can be created and maintained by the third party software company which is paid by all the
participants proportionally to their use of the system and which does not have any control over the data.

Killer feature 3. The money is blended into the application

Imagine, that in the insurance example above, all the parties agreed on the value of the digital tokens of the blockchain and that there is a trusted
custodian holding the real money, emitting the tokens and settling the tokens balances with the real money once the agreed period ends.

Effectively, we now have the business application which automates not only the business process but also payments. The money flow can now be programmed in
the same way as the information flow used to be programmed before. The money is now blended into the application which is totally unprecedented.

Killer feature 4. Irrefutability and non-repudiation

In order for the consensus to be achieved, blockchain is designed in a way that all the changes to the data are stored since the system started. Moreover,
all the requests to change the data are digitally signed by the initiators. Two very important things are derived from this design.

First, one can check the state of the data at any given moment in the past. It makes the data irrefutable and creates totally new horizons for the audits,
investigations, and research.

Second, one of the main characteristics of the digital signature scheme is non-repudiation which means that any data change initiator is not able to
challenge their authorship of this initiative. Therefore, if the proper KYC procedures are put in place, the information system becomes unprecedently transparent.

To summarize, I am a bit skeptical of blockchain becoming the medium for the global value exchange over the Internet available to anyone to use. This may
or may not happen because of various non-technological reasons. What I firmly believe in though is that blockchain has a humongous potential to disrupt the corporate IT and streamline corporate
business processes. This, in turn, will make the life of those using corporate and government services easier while giving the ability to use these services to people not currently able to do
so.

Blockchain is one of the top buzz words today along with AI, IOT, and big data. Many call Blockchain the ‘new Internet’. Is this analogy relevant? This post is my attempt to find the place
Blockchain occupies in the modern IT landscape.

Technologies to handle the information (aka Information Technologies or IT) had arisen and evolved around serving the business needs of the corporations and governments. The central part of any
information system is the database which literally stores the data. The data stored in a traditional database is accessible and changeable by the users of the system according to their ‘access
rights’. Then there are ‘super users’ who are administrators of the database itself as well as sysadmins of servers on which the database physically resides. These users have the highest level of
access and administer other users rights.

Banks and financial corporations were among the earliest users of IT and therefore they had to figure out how the money can be put into the information systems. Their solution was to record
account balances in the database as the numerical values against the account numbers. And since any super user could change any value in their database (and potentially create the money out of
nothing), financial information systems had to be isolated from everyone's access by additional security measures.

At the same time, the business, which needs to be served by IT, is essentially the flow of transactions exchanging the goods or services for money. Traditional IT were only able to partially
serve these transactions as the systems managing the money are isolated from everything else.

Here comes Blockchain.

The first realization of Blockchain, known as bitcoin, totally changed the way the money is accounted in the information system. Instead of the numerical balance in a database, every currency
unit is represented as a promissory note which is digitally signed by the owner whenever they want to pass it to anyone else. Furthermore, there is no single database: the copy of the ledger,
which includes all the notes with the endorsements, is stored on many servers. Any change to the database state is only possible if the majority of the servers approves it.

The digital signatures used to sign the endorsements are derived from asymmetric cryptography scheme hence the public key is essentially the account number while the private key is the only mean
to sign the endorsement. The traditional form of the ledger which is the account number with associated balance can be therefore derived from the Blockchain database by summing up all the
endorsements made for a particular account.

This is not all the beauty of Blockchain. What makes it complete is smart contracts. The smart contract is the computer program which can be associated with the particular account of the ledger
described above. Whenever the transaction touches the account containing smart contract, it executes, automating some pre-programmed business logic. Therefore, now it is possible to create the
application which automates both sides of the business transaction: exchange of the product for money.

Apart of blending the money into the information systems, Blockchain has many intrinsic features resulting from its design. The database is naturally distributed hence there is no single point of
failure as well as no dependency on the single point of trust. All the changes are tracked and recorded, therefore making it possible to see the state of the data at any given moment in the past
which gives unprecedented capabilities for audits, research, and investigations. Last but not least, all the changes are authenticated with the digital signature of the change initiator, which
adds non-repudiation to any system built upon Blockchain. This all allows for an unprecedented levels of access, without the risks of erroneous or malicious interference from the super user.

Is Blockchain similar to Internet? Probably not as it is not enabling so many types of new businesses. It is obvious, though, that Blockchain has a great potential in corporate information
systems as those can now be more reliable, efficient and secure.

Being part of blockchain industry, I read and hear a lot about tech itself, use cases and scenarios, future applications etc. At the same time, I never saw a formal scientific definition of what
the technology really is. Under blockchain here I mean not the data structure – chain of blocks – but the technology framework which includes the distributed ledgers, smart contracts, and all
these nice new widely adored features. In the end of the day, all this blockchain tech is part of computer science, isn’t it? So here is my definition of blockchain technology for your judgment
and further discussion:

“Blockchain is the technology which allows trustless Turing machine replication over an asynchronous network.”

If we speak about distributed ledger without smart contracts layer, Turing machine can be replaced by the state machine in the definition above. Indeed, every node of Bitcoin network is a finite
state machine while the smart contract in Ethereum is Turing machine which works simultaneously and identically on all network nodes.

My view is that it is replication which is the most important. The proper replication of the database (ledger) or a process (smart contract) enables all these new business ideas because it brings
the data and the process closer to where it is needed therefore cutting the costs and improving efficiency.

The replication itself exists since quite a long time and has been widely used for building fault-tolerant systems. There are also some technologies dealing with asynchronous networks. But
trustless and asynchronous taken together create the real innovation. The trust is a fundamental concept in the blockchain technology. When dealing with someone in the real world, you have to
trust them. Trustlessness in the blockchain world sets up an interesting paradox, you don’t have to trust any of the counterparties, but you can trust all of them taken together. Indeed, you
don’t have to care whether the node you are sending your transaction to is legit. If it is not, the failure will be corrected by the consensus algorithm (if a certain majority of the nodes are
legit), so in the worst case your transaction will not be processed while in the best case it will be processed correctly.

You may ask: what about immutability, irrefutability and other nice features of blockchain? The answer is that all these features are consequences of the fact that data is organized as the chain
of blocks, each referring to the previous one. Why would we need such a data structure? Because it allows the above-mentioned consensus algorithm to function properly. So the logical chain here
is: trustless replication requires consensus algorithm which in turn requires the data to be organized in a blockchain. This logical chain can be evolved further to systemize the blockchain tech
stack of protocols, but it is the topic for separate discussion.